{"id":1051,"date":"2016-08-30T00:00:00","date_gmt":"2016-08-30T00:00:00","guid":{"rendered":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/2016\/08\/30\/fromreply-totodatemessage-idlist-idlist-unsubscribesendercontent-typemime-version-imail3dpaulgdavis-commail38-atl11-rsgsv-net\/"},"modified":"2021-12-30T11:38:41","modified_gmt":"2021-12-30T11:38:41","slug":"fromreply-totodatemessage-idlist-idlist-unsubscribesendercontent-typemime-version-imail3dpaulgdavis-commail38-atl11-rsgsv-net","status":"publish","type":"post","link":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/2016\/08\/30\/fromreply-totodatemessage-idlist-idlist-unsubscribesendercontent-typemime-version-imail3dpaulgdavis-commail38-atl11-rsgsv-net\/","title":{"rendered":"From:Reply-To:To:Date:Message-ID:List-ID:List-Unsubscribe:Sender:Content-Type:MIME-Version; i=mail=3Dpaulgdavis.com@mail38.atl11.rsgsv.net;"},"content":{"rendered":"<p>[From the desk of Paul Davis &#8211; his opinions and no-one else&#8217;s]<br \/>\nI know that the Beebone botnet was taken down, but users and administrators still need to clean up.<\/p>\n<p>So onto the news:<\/p>\n<p>Top 5 Cybersecurity Failures in Financial Services<\/p>\n<p>\u2026 according to a report by the Center for Strategic and International Studies, a Washington-based think tank. A Hewlett Packard-sponsored study found that the financial sector suffered the 2nd highest annual cybercrime cost behind energy &#038; utilities.<\/p>\n<p>The average financial institution incurs an annualized cyber attack expense of $13 million. The most prevalent types of cyberattacks include viruses and worms, followed by malware, botnets, web-based attacks and phishing schemes, respectively, said the study. 
The primary actors targeting the financial services industry are often hackers connected to crime syndicates in former Soviet Bloc countries, according to cyber security experts.<\/p>\n<p>As cybercrime emerges as a dominant news headline, financial firms have become especially vulnerable to scandal. 80% of banking CEOs consider cyber attacks to be the biggest threats to their companies\u2019 growth prospects. For an industry whose business model hinges on the mantra of \u201ctrust,\u201d safeguarding client account data is a matter of life and death.<\/p>\n<p>Link: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=a1122bc75d&#038;e=20056c7556<\/p>\n<p>Log Management Tools Face-Off: Splunk vs. Logstash vs. Sumo Logic<\/p>\n<p>With that being said, let\u2019s take a look and compare a few of the tools in this space. Today, I\u2019ll be comparing Logstash, Splunk, and Sumo Logic. There are more tools out there worth considering, like Loggly for example, but these three give a good representation of the different types available. You can read more about log management tools in the new ebook we\u2019ve just released: The Definitive Guide for Production Tools.<\/p>\n<p>Choosing between these three tools comes down to a few factors. One of the primary factors is going to be the deployment model you\u2019re comfortable with. On-premises, SaaS, and open source all have different pros and cons that require a careful examination of your needs and environment. Depending on how much control you want and effort you\u2019re willing to put in, you\u2019ll lean more towards one type or another. 
Other factors include the cost, extensibility, and extra features of the different tools.<\/p>\n<p>Link: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=e447b1c0e3&#038;e=20056c7556<\/p>\n<p>New virus directly targeting ATMs likely headed for Japan: Interpol<\/p>\n<p>Banks in several countries have been hit by a new form of financial cyberattack, in which a virus alters banks\u2019 computer systems to allow cash withdrawals from automated teller machines to users without an account, Interpol officials said Saturday.<\/p>\n<p>On Friday, Tokyo police said about 82,000 personal computers worldwide, including about 44,000 in Japan, have been found infected with a separate virus that steals online banking users\u2019 login details to make unauthorized money transfers.<\/p>\n<p>Link: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=51ba102d26&#038;e=20056c7556<\/p>\n<p>Top Five Things To Check After An IT Security Incident<\/p>\n<p>Before diving into an investigation, it is key that your company define exactly what an IT security incident is to them. 
This may vary based upon the type of information your company stores, as well as the type of industry your company is a part of.<\/p>\n<p>Although it has become increasingly difficult over the years to protect consumer data, an effective Incident Response Plan (IRP) will allow for Security Operations Centers (SOCs) to reduce the impact of an IT security incident.<\/p>\n<p>Link: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=0cc9ae1561&#038;e=20056c7556<\/p>\n<p>Atmia Assists Atm Industry in Preventing Malware Attacks<\/p>\n<p>To help the ATM industry prevent malware attacks on its terminals, the ATM Industry Association has published new guidelines called \u201cBest Practices for Preventing ATM Malware, Black Box and Cyber-Attacks\u201d.<\/p>\n<p>This important security manual explains how ATM malware works, from installation to execution, as well as how to detect it. It includes major international ATM malware case studies, for example, Skimer-A, Scrooge, Siberian Malware, Dump Memory Grabber, Backdoor Ploutus, Macau Malware and others.<\/p>\n<p>Link: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=1e37a01406&#038;e=20056c7556<\/p>\n<p>All Mac owners should migrate to OS X Yosemite 10.10.3 ASAP<\/p>\n<p>Kvarnhammar says the unpublished API, which he dubs a backdoor, grants root access to local users on unpatched boxes. The flaw (CVE-2015-1130) is fixed in Apple&#8217;s patch run this week but for machines running OS X 10.10.x only.<\/p>\n<p>Link: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=27a34bdd41&#038;e=20056c7556<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[From the desk of Paul Davis &#8211; his opinions and no-one else&#8217;s] I know that the Beebone botnet was taken down, but users and administrators still need to clean up. So onto the news: Top 5 Cybersecurity Failures in Financial Services \u2026 according to a report by the Center for&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[29],"tags":[],"class_list":["post-1051","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1051","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=1051"}],"version-history":[{"count":1,"href":"https:\/\/www.cybe
rsecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1051\/revisions"}],"predecessor-version":[{"id":3538,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1051\/revisions\/3538"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=1051"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=1051"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=1051"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}